- Xref: sparky comp.text.tex:10234 gnu.misc.discuss:2721
- Path: sparky!uunet!zaphod.mps.ohio-state.edu!moe.ksu.ksu.edu!math.ksu.edu!deadend
- From: tar@math.ksu.edu (Tim Ramsey)
- Newsgroups: comp.text.tex,gnu.misc.discuss
- Subject: Emacs security hole (was Re: Installing TeX at a "secure" site?)
- Followup-To: gnu.misc.discuss
- Date: 16 Aug 1992 23:58:53 -0500
- Organization: Dept. of Mathematics, Kansas State University
- Lines: 31
- Message-ID: <16nbmdINNdao@hilbert.math.ksu.edu>
- References: <16gt78INNfr7@agate.berkeley.edu> <1992Aug14.184856.9432@uwm.edu> <FRITZZ.92Aug14174337@ko.ldgo.columbia.edu>
- NNTP-Posting-Host: hilbert.math.ksu.edu
-
- [ this isn't about TeX, so followups to gnu.misc.discuss ]
-
- fritzz@lamont.ldgo.columbia.edu (fritz zaucker) writes:
-
- >Wasn't there a virus spread by legally sold software for the Mac? By
- >the way, an older version of GNU Emacs (which is running at the site
- >who requested that info) installed some program as setuid root by
- >mistake and created a major security hole.
-
- This is slightly wrong. GNU Emacs didn't install the program ("movemail")
- setuid anything. From the GNU Emacs FAQ file:
-
- ] 82: Are there any security risks in GNU Emacs?
- ]
- ] * the `movemail' incident (No, this is not a risk.)
- ]
- ] Cliff Stoll in his book `The Cuckoo's Egg' describes this in chapter 4.
- ] The site at LBL had installed the `etc/movemail' program setuid root.
- ] Since `movemail' had not been designed for this situation, a security
- ] hole was created and users could get root privileges.
- ]
- ] `movemail' has since been changed so that even if it is installed setuid
- ] root this security hole will not be a result.
- ]
- ] I have heard unverified reports that the Internet worm took advantage of
- ] this configuration problem.
-
- --
- Tim Ramsey, 913.532.6750
- Department of Mathematics
- Kansas State University
-